package org.example;

import java.io.*;

/**
 * Serializable session state holding a user id and a piece of sensitive data.
 *
 * <p>{@code sensitiveData} is {@code transient}, so default serialization does not write it
 * to the stream. An instance read back from a stream has {@code sensitiveData == null}.
 *
 * <p>No {@code serialVersionUID} is declared, so the serialization runtime computes one from
 * the class shape. Changing the non-transient fields or the non-private members changes that
 * value and makes previously written streams unreadable.
 *
 * <p>NOTE(review): {@link #readObject} accepts whatever {@code userId} the stream carries.
 * If streams can come from an untrusted source, validate the restored state here and
 * restrict the accepted classes with an {@code ObjectInputFilter} on the input stream.
 */
public class CustomSessionState implements Serializable {
    // Written to the stream by default serialization.
    private String userId;
    // Excluded from the stream: transient fields are skipped by defaultWriteObject().
    private transient String sensitiveData;

    /**
     * Creates a session state.
     *
     * @param userId identifier stored in the serialized form; not checked for null
     * @param sensitiveData value kept in memory only; not checked for null
     */
    public CustomSessionState(String userId, String sensitiveData) {
        this.sensitiveData = sensitiveData;
        this.userId = userId;
    }

    /**
     * Custom serialization hook. It only delegates to the default mechanism, which writes
     * the non-static, non-transient fields (here: {@code userId}).
     *
     * @param out stream the object is written to
     * @throws IOException if the underlying stream fails
     */
    private void writeObject(ObjectOutputStream out) throws IOException {
        out.defaultWriteObject();
    }

    /**
     * Custom deserialization hook. It only delegates to the default mechanism and performs
     * no validation of the restored {@code userId}; {@code sensitiveData} is left null.
     *
     * @param in stream the object is read from
     * @throws IOException if the underlying stream fails
     * @throws ClassNotFoundException if a class referenced by the stream cannot be found
     */
    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
        in.defaultReadObject();
    }
}
